<?php
 
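define('IN_SCRIPT',1);

/* Get all the required files and functions.
   The language file name is built from $hd_settings['language'], which is
   loaded from hd_settings.inc.php on the line above; it must stay a value
   from that settings file and never be taken from the request. */
require_once('hd_settings.inc.php');
require_once('language/'.$hd_settings['language'].'.inc.php');
require_once('inc/common.inc.php');

/* Connect to database */
require_once('inc/database.inc.php');
hd_dbConnect() or hd_error("$hdlang[cant_connect_db] $hdlang[contact_webmsater] $hd_settings[webmaster_mail]!");

/* Session and access control run before any output or action dispatch.
   NOTE(review): presumably hd_isLoggedIn() and hd_isAdmin() stop the request
   themselves when the check fails (their return values are not used here) -
   confirm in inc/common.inc.php. */
hd_session_start();
hd_isLoggedIn();
/* Must be administrator to access this page */
hd_isAdmin();

/* Print header */
require_once('inc/header.inc.php');

/* What should we do?
   The action name is optional (the plain listing has none), so a missing or
   non-string "a" parameter is treated as "no action" instead of being passed
   on as null or an array.
   NOTE(review): "remove" and "order" are reached through plain GET links and
   "new"/"edit" through a POST form, and no anti-CSRF token is checked anywhere
   in this file. Unless the session helpers enforce one, any page an
   administrator visits while logged in can make the browser send these
   requests. Add a per-session token to the form and links and verify it here
   before dispatching. */
$action = (isset($_REQUEST['a']) && is_string($_REQUEST['a'])) ? hd_input($_REQUEST['a']) : '';
if ($action === 'new') {new_saved();}
elseif ($action === 'edit') {edit_saved();}
elseif ($action === 'remove') {remove();}
elseif ($action === 'order') {order_saved();}

/* Print admin navigation above the canned replies list */
require_once('inc/show_admin_nav.inc.php');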
?>

</td>
</tr>
<tr>
<td>

<script language="Javascript" type="text/javascript"><!--
function confirm_delete()
{
    // Used as the onclick handler of the "remove" links: the link is only
    // followed when the administrator accepts the confirmation dialog.
    // The prompt text comes from the language file and is printed into a
    // single-quoted string, so it must not contain an unescaped apostrophe.
    var accepted = confirm('<?php echo $hdlang['delete_saved']; ?>');
    return accepted ? true : false;
}

function hd_insertTag(tag) {
    // Insert the placeholder %%tag%% into the message box at the caret and
    // hand the keyboard focus back to the box.
    var messageBox = document.form1.msg;
    hd_insertAtCursor(messageBox, '%%' + tag + '%%');
    messageBox.focus();
}

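// Insert myValue into the text field myField at the caret position,
// replacing the current selection if there is one.
//   myField - a text input or textarea element
//   myValue - the string to insert
function hd_insertAtCursor(myField, myValue) {
    // Declared locally: the range object used to be assigned to an
    // undeclared variable, which created a page-wide global named "sel".
    var range, startPos, endPos;

    if (document.selection) {
        // Old Internet Explorer selection API: write into the active range.
        myField.focus();
        range = document.selection.createRange();
        range.text = myValue;
    }
    else if (myField.selectionStart || myField.selectionStart == '0') {
        // Standard API: splice the value in between the text before the
        // selection start and the text after the selection end.
        startPos = myField.selectionStart;
        endPos = myField.selectionEnd;
        myField.value = myField.value.substring(0, startPos)
            + myValue
            + myField.value.substring(endPos, myField.value.length);
    } else {
        // No caret information available: append at the end.
        myField.value += myValue;
    }
}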
//-->
</script>

<h3 align="center"><?php echo $hdlang['manage_saved']; ?></h3>

<p><?php echo $hdlang['manage_intro']; ?></p>

<div align="center">
<center>
<table border="0" cellspacing="1" cellpadding="3" class="white">
<tr>
<td class="admin_white"><?php echo $hdlang['saved_title']; ?></td>
<td class="admin_white"><?php echo $hdlang['reply_order']; ?></td>
<td class="admin_white">&nbsp;</td>
</tr>

<?php
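/* Load every canned reply in display order. The loop below prints one table
   row per reply and also collects three strings that are echoed further down
   the page: the <option> list for the edit selector and the JavaScript
   assignments that fill the myTitle[] / myMsgTxt[] lookup arrays. */
$sql = "SELECT * FROM `hd_std_replies` ORDER BY `reply_order` ASC";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");
$options='';
$javascript_messages='';
$javascript_titles='';
/* Entity => character map: turns the stored text back into plain text for
   the JavaScript copies (presumably the text was entity-encoded by hd_input()
   when it was saved - confirm). */
$trans = array_flip(get_html_translation_table(HTML_SPECIALCHARS));
/* Applied after addslashes() so the text is safe inside a single-quoted
   JavaScript string that sits in an inline <script> block:
   - "<" is written as \x3C so reply text can never form "</script>" or
     "<!--" and end or alter the script block;
   - CRLF keeps the original "split the literal over two lines" output;
   - a lone CR or LF is written as an escape, because a raw line break inside
     a JavaScript string literal is a syntax error.
   strtr() with an array tries the longest key first, so CRLF wins over CR/LF. */
$js_trans = array(
    '<'    => '\\x3C',
    "\r\n" => "\\r\\n' + \r\n'",
    "\r"   => '\\r',
    "\n"   => '\\n',
);

/* Toggles between 1 and 0 to alternate the row colour */
$i=1;

if (hd_dbNumRows($result) < 1) {
    echo '
    <tr>
        <td>'.$hdlang['no_saved'].'</td>
        <td>&nbsp;</td>
        <td>&nbsp;</td> 
    </tr>
    ';
} else {
    while ($mysaved=hd_dbFetchAssoc($result))
    {
        if ($i) {$color="admin_gray"; $i=0;}
        else {$color="admin_white"; $i=1;}

        /* The id is used as a JavaScript array index, an option value and a
           URL parameter; force it to an integer so it cannot carry markup. */
        $mysaved['id'] = intval($mysaved['id']);

        /* NOTE(review): the title is printed exactly as stored. That is only
           safe if it was entity-encoded when saved - confirm in hd_input(). */
        $options .= "<option value=\"$mysaved[id]\">$mysaved[title]</option>\n";
        /* Decode entities first, then escape for JavaScript, so a decoded
           quote is escaped like any other quote. */
        $javascript_messages.='myMsgTxt['.$mysaved['id'].']=\''.strtr(addslashes(strtr($mysaved['message'], $trans)), $js_trans)."';\n";
        $javascript_titles.='myTitle['.$mysaved['id'].']=\''.strtr(addslashes(strtr($mysaved['title'], $trans)), $js_trans)."';\n";

    echo <<<EOC
    <tr>
    <td class="$color">$mysaved[title]</td>
    <td class="$color" align="center"><a href="manage_canned.php?a=order&replyid=$mysaved[id]&move=-15">$hdlang[move_up]</a><br>
    <a href="manage_canned.php?a=order&replyid=$mysaved[id]&move=15">$hdlang[move_dn]</a></td>
    <td class="$color" align="center">
    <a href="manage_canned.php?a=remove&id=$mysaved[id]" onclick="return confirm_delete();">$hdlang[remove]</a>
    </td>
    </tr>

EOC;
    } // End while
}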

?>
</table>
</center>
</div>

<script language="javascript" type="text/javascript"><!--
// Lookup tables indexed by reply id; index 0 is the empty "new reply" entry
// that setMessage() shows when no stored reply is selected.
var myMsgTxt = new Array();
myMsgTxt[0]='';
var myTitle = new Array();
myTitle[0]='';

<?php
// One "myTitle[id]='...';" / "myMsgTxt[id]='...';" line per stored reply,
// built by the listing loop earlier on this page. Reply text ends up inside
// this inline script, so the code that builds these strings is responsible
// for escaping quotes, backslashes, line breaks and "<".
echo $javascript_titles;
echo $javascript_messages;
?>

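// Fill the title and message fields of form1 with the stored reply msgid
// (0 = the empty entry) and select the matching "add" / "edit" radio button.
function setMessage(msgid) {
    // The text is assigned through .value so it is always treated as text.
    // The fields used to be rebuilt with innerHTML, which parsed the stored
    // reply as markup: a reply containing "</textarea>" or a double quote in
    // its title could add its own elements to this admin page. This is the
    // same assignment the original code used as its fallback path.
    var fields = document.form1.elements;
    fields['msg'].value = myMsgTxt[msgid];
    fields['name'].value = myTitle[msgid];

    // Entry 0 means "nothing selected": switch back to "add new reply".
    if (msgid==0) {
        document.form1.a[0].checked=true;
    } else {
        document.form1.a[1].checked=true;
    }
}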
//-->
</script>

<p>&nbsp;</p>

<hr width="750">

<form action="manage_canned.php" method="POST" name="form1">
<p align="center"><b><?php echo $hdlang['new_saved']; ?></b></p>

<div align="center"><center>
<table border="0">
<tr>
<td>

<p><label><input type="radio" name="a" value="new" checked> <?php echo $hdlang['canned_add']; ?></label><br>
<label><input type="radio" name="a" value="edit"> <?php echo $hdlang['canned_edit']; ?></label>:

<select name="saved_replies" onChange="setMessage(this.value)">
<option value="0"> - <?php echo $hdlang['select_empty']; ?> - </option>
<?php echo $options; ?>
</select>

<p><b><?php echo $hdlang['saved_title']; ?>:</b> <div id="hdTitle"><input type="text" name="name" size="40" maxlength="50"></div></p>
<p><b><?php echo $hdlang['message']; ?>:</b><br>
<div id="hdMsg"><textarea name="msg" rows="15" cols="70"></textarea></div><br>

<?php echo $hdlang['insert_special']; ?>:<br>
<a href="javascript:void(0)" onClick="hd_insertTag('hd_NAME')"><?php echo $hdlang['name']; ?></a> |
<a href="javascript:void(0)" onClick="hd_insertTag('hd_EMAIL')"><?php echo $hdlang['email']; ?></a>
<?php
/* One extra "insert tag" link per enabled custom field. The array key becomes
   the tag name (hd_<key>) and the configured field name is the link text;
   both come from $hd_settings and are printed without further escaping. */
if ($hd_settings['use_custom']) {
    foreach ($hd_settings['custom_fields'] as $k=>$v) {
        if (!$v['use']) {continue;}
        echo '| <a href="javascript:void(0)" onClick="hd_insertTag(\'hd_'.$k.'\')">'.$v['name'].'</a>';
    }
}
?>
</p>

</td>
</tr>
</table>
</center></div>

<p align="center"><input type="submit" value="<?php echo $hdlang['save_reply']; ?>" class="button"></p>
</form>

<!-- HR -->
<p>&nbsp;</p>

<?php
require_once('inc/footer.inc.php');
exit();


/*** START FUNCTIONS ***/

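/**
 * Update the title and message of an existing canned reply, print the
 * confirmation page and end the request.
 *
 * Reads $_POST['name'], $_POST['msg'] and $_POST['saved_replies'] (the id of
 * the reply to change). Never returns: the function finishes with exit().
 */
function edit_saved() {
/* $hd_settings is read by the error message below; it was missing from the
   global list, so the webmaster address was always empty inside this
   function. $settings is kept in case one of the included files expects it. */
global $settings, $hd_settings, $hdlang;

/* The second argument is presumably the error text shown when the value is
   missing or invalid - confirm in inc/common.inc.php. */
$savename=hd_input($_POST['name'],$hdlang['ent_saved_title']);
$msg=hd_input($_POST['msg'],$hdlang['ent_saved_msg']);
$id=hd_isNumber($_POST['saved_replies'],$hdlang['id_not_valid']);

/* NOTE(review): title and message are placed straight into the SQL string.
   This is only safe if hd_input() escapes its return value for MySQL; that
   helper is not visible here - confirm before reusing this pattern.
   NOTE(review): on failure the full statement and the driver error are handed
   to hd_error(); check that it does not show them to non-admin users. */
$sql = "UPDATE `hd_std_replies` SET `title`='$savename',`message`='$msg' WHERE `id`=$id LIMIT 1";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");

/* Print admin navigation */
require_once('inc/show_admin_nav.inc.php');
?>

</td>
</tr>
<tr>
<td>

<p>&nbsp;</p>
<h3 align="center"><?php echo $hdlang['saved']; ?></h3>

<p>&nbsp;</p>

<p align="center"><?php echo $hdlang['your_saved']; ?>!</p>

<p align="center"><a href="manage_canned.php"><?php echo $hdlang['saved_replies']; ?></a> |
<a href="admin_main.php"><?php echo $hdlang['main_page']; ?></a></p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>

<!-- HR -->
<p>&nbsp;</p>

<?php
require_once('inc/footer.inc.php');
exit();
} // End edit_saved()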


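/**
 * Store a new canned reply at the end of the list, print the confirmation
 * page and end the request.
 *
 * Reads $_POST['name'] and $_POST['msg']. Never returns: the function
 * finishes with exit().
 */
function new_saved() {
/* $hd_settings is read by the error messages below; it was missing from the
   global list, so the webmaster address was always empty inside this
   function. $settings is kept in case one of the included files expects it. */
global $settings, $hd_settings, $hdlang;

/* The second argument is presumably the error text shown when the value is
   missing or invalid - confirm in inc/common.inc.php. */
$savename=hd_input($_POST['name'],$hdlang['ent_saved_title']);
$msg=hd_input($_POST['msg'],$hdlang['ent_saved_msg']);

/* Get the latest reply_order */
$sql = "SELECT `reply_order` FROM `hd_std_replies` ORDER BY `reply_order` DESC LIMIT 1";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");
$row = hd_dbFetchRow($result);
/* With an empty table no row comes back (presumably a false/empty value from
   the wrapper), so numbering starts at 0 + 10 without indexing a non-array. */
$my_order = ($row ? intval($row[0]) : 0) + 10;

/* NOTE(review): title and message are placed straight into the SQL string.
   This is only safe if hd_input() escapes its return value for MySQL; that
   helper is not visible here - confirm before reusing this pattern. */
$sql = "INSERT INTO `hd_std_replies` (`title`,`message`,`reply_order`) VALUES ('$savename','$msg','$my_order')";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");

/* Print admin navigation */
require_once('inc/show_admin_nav.inc.php');
?>

</td>
</tr>
<tr>
<td>

<p>&nbsp;</p>
<h3 align="center"><?php echo $hdlang['saved']; ?></h3>

<p>&nbsp;</p>

<p align="center"><?php echo $hdlang['your_saved']; ?>!</p>

<p align="center"><a href="manage_canned.php"><?php echo $hdlang['saved_replies']; ?></a> |
<a href="admin_main.php"><?php echo $hdlang['main_page']; ?></a></p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>

<!-- HR -->
<p>&nbsp;</p>

<?php
require_once('inc/footer.inc.php');
exit();
} // End new_saved()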

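/**
 * Delete one canned reply, print the confirmation page and end the request.
 *
 * Reads the reply id from $_GET['id']. Reports an error through hd_error()
 * when the DELETE does not affect exactly one row. Never returns on success:
 * the function finishes with exit().
 *
 * NOTE(review): this delete is triggered by a GET request and no anti-CSRF
 * token is checked in this file; the JavaScript confirmation on the link is
 * not a server-side control. Verify a per-session token before deleting.
 */
function remove() {
/* $hd_settings is read by the error message below; it was missing from the
   global list, so the webmaster address was always empty inside this
   function. $settings is kept in case one of the included files expects it. */
global $settings, $hd_settings, $hdlang;

/* hd_isNumber() presumably rejects anything that is not a number, which is
   what keeps the unquoted id below from altering the statement - confirm. */
$mysaved=hd_isNumber($_GET['id'],$hdlang['id_not_valid']);

$sql = "DELETE FROM `hd_std_replies` WHERE `id`=$mysaved LIMIT 1";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");
/* No row deleted means the id did not match any reply */
if (hd_dbAffectedRows() != 1) {hd_error("$hdlang[int_error]: $hdlang[reply_not_found].");}

/* Print admin navigation */
require_once('inc/show_admin_nav.inc.php');
?>

</td>
</tr>
<tr>
<td>

<p>&nbsp;</p>
<h3 align="center"><?php echo $hdlang['saved_removed']; ?></h3>

<p>&nbsp;</p>

<p align="center"><?php echo $hdlang['saved_rem_full']; ?>!</p>

<p align="center"><a href="manage_canned.php"><?php echo $hdlang['saved_replies']; ?></a> |
<a href="admin_main.php"><?php echo $hdlang['main_page']; ?></a></p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>

<!-- HR -->
<p>&nbsp;</p>

<?php
require_once('inc/footer.inc.php');
exit();
} // End remove()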


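/**
 * Move one canned reply up or down in the list and renumber the whole list.
 *
 * Reads the reply id from $_GET['replyid'] and the offset from $_GET['move']
 * (the links on this page send -15 or 15). Unlike the other actions this
 * function returns, so the caller goes on to print the updated list.
 *
 * NOTE(review): this update is triggered by a GET request and no anti-CSRF
 * token is checked in this file.
 */
function order_saved() {
/* $hd_settings is read by the error messages below; it was missing from the
   global list, so the webmaster address was always empty inside this
   function. $settings is kept in case an included file expects it. */
global $settings, $hd_settings, $hdlang;

$replyid=hd_isNumber($_GET['replyid'],$hdlang['reply_move_id']);
/* intval() guarantees an integer in the SQL below; a missing parameter is
   treated as "no movement" instead of reading an undefined index. */
$reply_move=isset($_GET['move']) ? intval($_GET['move']) : 0;

$sql = "UPDATE `hd_std_replies` SET `reply_order`=`reply_order`+$reply_move WHERE `id`=$replyid LIMIT 1";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");
if (hd_dbAffectedRows() != 1) {hd_error("$hdlang[int_error]: $hdlang[reply_not_found].");}

/* Renumber every reply in steps of 10, in the new order. Replies sit 10
   apart, so the offset of 15 used by the links moves a reply past exactly
   one neighbour before this pass evens the spacing out again. */
$sql = "SELECT `id` FROM `hd_std_replies` ORDER BY `reply_order` ASC";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");

$i = 10;
while ($myreply=hd_dbFetchAssoc($result))
{
    $sql = "UPDATE `hd_std_replies` SET `reply_order`=$i WHERE `id`=$myreply[id] LIMIT 1";
    hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");
    $i += 10;
}

} // End order_saved()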

?>
